Westermo MR Series User Manual
Page 249

249
6622-3201
Web Interface and Command Line Reference Guide
www.westermo.com
Host key #2 filename:
This is the filename of either an SSH V1 host key or an SSH V2 host key. It is highly recommend-
ed that the filename be prefixed with “priv” to ensure that the key is not compromised. This key 
is generated on the Configure > Certificates > Utilities page 
Note: 
The Host key filenames cannot be more than 12 characters in length. This includes the exten-
sion and extension separator “.”. 
Maximum login time (secs):
This parameter specifies the maximum length of time in seconds that a user is allowed to suc-
cessfully complete the login procedure once the SSH socket has been opened. The socket is 
closed if the user has not completed a successful login within this period. 
Maximum login attempts:
This is the maximum number of login attempts allowed before the SSH socket will be closed.
Compression level:
SSH uses the DEFLATE compression algorithm. This parameter is used to set the desired level 
of compression. Higher values may result in better compression but will require more CPU time 
within the router. If the value is set to 0, compression is disabled. 
Port forwarding enabled:
When enabled and used with SSH client software (such as PuTTY) that has port forwarding 
functionality, different ports other than 23 can be forwarded to the router. For example, once 
the SSH tunnel is connected, http port 80 traffic can sent securely to the router. 
V1 Options
Server key bits:
During the initialisation of an SSH session, the server sends its host key and a server key (which 
should be of a different size to the host key). The unit generates this key automatically but the 
length of the server key is determined by this parameter. If, when you set this value, it is too 
similar to the length of the host key, the unit will automatically adjust the selected value so that 
the key sizes are significantly different. 
V2 Options
Actively start key exchange:
Some SSH clients wait for the server to initiate the key exchange process when a new SSH ses-
sion is started unless they have data to send to the server, in which case they will initiate the 
key exchange themselves. If this parameter is set to “Yes”, the unit will automatically initiate a 
key exchange without waiting for the client. 
Rekey Kbytes:
With SSH V2 it is possible to negotiate new encryption keys after they have been used to 
encrypt a specified amount of data. This parameter is used to specify the amount of data that 
passed over an encrypted link before a new set of keys must be negotiated. When the param-
eter is set to 0 new keys are not negotiated. 
